EP3198513A4 - Data verification using enclave attestation - Google Patents

Data verification using enclave attestation Download PDF

Info

Publication number
EP3198513A4
EP3198513A4 EP15843584.2A EP15843584A EP3198513A4 EP 3198513 A4 EP3198513 A4 EP 3198513A4 EP 15843584 A EP15843584 A EP 15843584A EP 3198513 A4 EP3198513 A4 EP 3198513A4
Authority
EP
European Patent Office
Prior art keywords
data verification
enclave attestation
enclave
attestation
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP15843584.2A
Other languages
German (de)
French (fr)
Other versions
EP3198513A1 (en
Inventor
Ned Smith
Esteban Gutierrez
Andrew WOODRUFF
Aditya Kapoor
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
McAfee LLC
Original Assignee
McAfee LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by McAfee LLC filed Critical McAfee LLC
Publication of EP3198513A1 publication Critical patent/EP3198513A1/en
Publication of EP3198513A4 publication Critical patent/EP3198513A4/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6281Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database at program execution time, where the protection is within the operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/032Protect output to user by software means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
EP15843584.2A 2014-09-25 2015-08-25 Data verification using enclave attestation Withdrawn EP3198513A4 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/496,056 US9715597B2 (en) 2014-09-25 2014-09-25 Data verification using enclave attestation
PCT/US2015/046798 WO2016048532A1 (en) 2014-09-25 2015-08-25 Data verification using enclave attestation

Publications (2)

Publication Number Publication Date
EP3198513A1 EP3198513A1 (en) 2017-08-02
EP3198513A4 true EP3198513A4 (en) 2018-04-11

Family

ID=55581754

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15843584.2A Withdrawn EP3198513A4 (en) 2014-09-25 2015-08-25 Data verification using enclave attestation

Country Status (5)

Country Link
US (2) US9715597B2 (en)
EP (1) EP3198513A4 (en)
CN (1) CN106796638B (en)
RU (1) RU2666273C2 (en)
WO (1) WO2016048532A1 (en)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9715597B2 (en) 2014-09-25 2017-07-25 Mcafee, Inc. Data verification using enclave attestation
WO2017058947A1 (en) * 2015-09-28 2017-04-06 Red Balloon Security, Inc. Injectable hardware and software attestation of sensory input data
US9813387B2 (en) * 2015-12-18 2017-11-07 General Electric Company Vehicle communication network security system and method
US11405177B2 (en) * 2017-01-24 2022-08-02 Microsoft Technology Licensing, Llc Nested enclave identity
US10523688B1 (en) * 2017-04-12 2019-12-31 Rockwell Collins, Inc. Computing system attestation
CN107463838B (en) * 2017-08-14 2019-10-18 广州大学 Method for safety monitoring, device, system and storage medium based on SGX
US11126699B2 (en) * 2018-02-07 2021-09-21 Nec Corporation Replica trusted execution environment: enabling seamless replication of trusted execution environment (TEE)-based enclaves in the cloud
US10872153B2 (en) 2018-02-23 2020-12-22 Microsoft Technology Licensing, Llc Trusted cyber physical system
US11411933B2 (en) 2018-02-23 2022-08-09 Microsoft Technology Licensing, Llc Trusted cyber physical system
US11190356B2 (en) 2018-02-23 2021-11-30 Microsoft Technology Licensing, Llc Secure policy ingestion into trusted execution environments
WO2020052751A1 (en) * 2018-09-12 2020-03-19 Huawei Technologies Co., Ltd. Device and method for attesting distributed services
ES2870823T3 (en) * 2019-04-19 2021-10-27 Advanced New Technologies Co Ltd Methods and devices for running reliable applications on a processor that supports protected runtime environments
US11392700B1 (en) * 2019-06-28 2022-07-19 Fireeye Security Holdings Us Llc System and method for supporting cross-platform data verification
US11269522B2 (en) 2019-07-16 2022-03-08 Microsoft Technology Licensing, Llc Private data analytics
US11082256B2 (en) 2019-09-24 2021-08-03 Pribit Technology, Inc. System for controlling network access of terminal based on tunnel and method thereof
US11271777B2 (en) 2019-09-24 2022-03-08 Pribit Technology, Inc. System for controlling network access of terminal based on tunnel and method thereof
US11381557B2 (en) 2019-09-24 2022-07-05 Pribit Technology, Inc. Secure data transmission using a controlled node flow
US11652801B2 (en) 2019-09-24 2023-05-16 Pribit Technology, Inc. Network access control system and method therefor
CN111047295B (en) * 2019-12-13 2023-04-07 红云红河烟草(集团)有限责任公司 Data acquisition method for cigarette shred manufacturing process
CN111611625B (en) * 2020-05-26 2023-04-07 牛津(海南)区块链研究院有限公司 Cloud data integrity auditing method and device and computer readable storage medium
US11347841B1 (en) 2020-09-11 2022-05-31 Rockwell Collins, Inc. System and method for runtime monitoring during hash-locked remote attestation
CN113542266B (en) * 2021-07-13 2022-09-27 中国人民解放军战略支援部队信息工程大学 Virtual network element trust measurement method and system based on cloud model
US20230068880A1 (en) * 2021-08-27 2023-03-02 EMC IP Holding Company LLC Function-based service framework with trusted execution platform

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6167523A (en) * 1997-05-05 2000-12-26 Intel Corporation Method and apparatus for forms data validation and processing control
US20050028084A1 (en) * 2003-07-28 2005-02-03 Alan Dziejma System and method for a form validation engine
US20130042295A1 (en) * 2011-08-10 2013-02-14 Charles C. Kelly Method and apparatus for providing a secure virtual environment on a mobile device

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US873860A (en) * 1905-07-07 1907-12-17 Horace F Holmes Phonograph.
US6073142A (en) 1997-06-23 2000-06-06 Park City Group Automated post office based rule analysis of e-mail messages and other data objects for controlled distribution in network environments
US5987610A (en) 1998-02-12 1999-11-16 Ameritech Corporation Computer virus screening methods and systems
US6460050B1 (en) 1999-12-22 2002-10-01 Mark Raymond Pace Distributed content identification system
US6901519B1 (en) 2000-06-22 2005-05-31 Infobahn, Inc. E-mail virus protection system and method
US20030065646A1 (en) * 2001-09-13 2003-04-03 Joseph Paul G. Database interface architecture with time-based load balancing in a real-time environment
RU2315349C1 (en) * 2006-07-12 2008-01-20 Михаил ТОПР Method for replicating information in distributed databases and system for realization thereof
US7712143B2 (en) 2006-09-27 2010-05-04 Blue Ridge Networks, Inc. Trusted enclave for a computer system
US8769702B2 (en) * 2008-04-16 2014-07-01 Micosoft Corporation Application reputation service
US8352741B2 (en) * 2009-06-11 2013-01-08 Microsoft Corporation Discovery of secure network enclaves
US8627451B2 (en) * 2009-08-21 2014-01-07 Red Hat, Inc. Systems and methods for providing an isolated execution environment for accessing untrusted content
US9003517B2 (en) * 2009-10-28 2015-04-07 Microsoft Technology Licensing, Llc Isolation and presentation of untrusted data
US9864770B2 (en) * 2009-11-12 2018-01-09 Salesforce.Com, Inc. Customizing enterprise level business information networking
US9087200B2 (en) 2009-12-22 2015-07-21 Intel Corporation Method and apparatus to provide secure application execution
US8738860B1 (en) 2010-10-25 2014-05-27 Tilera Corporation Computing in parallel processing environments
US8832452B2 (en) 2010-12-22 2014-09-09 Intel Corporation System and method for implementing a trusted dynamic launch and trusted platform module (TPM) using secure enclaves
JP5874200B2 (en) * 2011-05-27 2016-03-02 ソニー株式会社 Information processing apparatus, information processing method, and program
US9083310B2 (en) * 2012-07-03 2015-07-14 Tdk Corporation Laminated structural type balun
US9430640B2 (en) * 2012-09-28 2016-08-30 Intel Corporation Cloud-assisted method and service for application security verification
RU2536663C2 (en) * 2012-12-25 2014-12-27 Закрытое акционерное общество "Лаборатория Касперского" System and method of protecting cloud infrastructure from illegal use
US9053059B2 (en) 2013-03-06 2015-06-09 Intel Corporation Roots-of-trust for measurement of virtual machines
US9715597B2 (en) 2014-09-25 2017-07-25 Mcafee, Inc. Data verification using enclave attestation

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6167523A (en) * 1997-05-05 2000-12-26 Intel Corporation Method and apparatus for forms data validation and processing control
US20050028084A1 (en) * 2003-07-28 2005-02-03 Alan Dziejma System and method for a form validation engine
US20130042295A1 (en) * 2011-08-10 2013-02-14 Charles C. Kelly Method and apparatus for providing a secure virtual environment on a mobile device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2016048532A1 *

Also Published As

Publication number Publication date
US20180018476A1 (en) 2018-01-18
US9715597B2 (en) 2017-07-25
CN106796638A (en) 2017-05-31
EP3198513A1 (en) 2017-08-02
RU2666273C2 (en) 2018-09-06
CN106796638B (en) 2020-06-23
WO2016048532A1 (en) 2016-03-31
RU2017105861A3 (en) 2018-08-22
US20160092700A1 (en) 2016-03-31
RU2017105861A (en) 2018-08-22
US10176344B2 (en) 2019-01-08

Similar Documents

Publication Publication Date Title
EP3198513A4 (en) Data verification using enclave attestation
EP3219050A4 (en) Manicoding for communication verification
GB2544672B (en) Address dependent data encryption
EP3238129A4 (en) Input verification
EP3201856A4 (en) Secure processing of data
EP3208687A4 (en) Data glove
EP3161718A4 (en) Encryption architecture
EP3108612A4 (en) Fingerprint based authentication for single sign on
EP3213537A4 (en) Pushing information
EP3100171A4 (en) Client authentication using social relationship data
EP3113105A4 (en) Face authentication system
EP3100473A4 (en) Preloading data
EP3111305A4 (en) Improved data entry systems
EP3180888A4 (en) Techniques and system for extended authentication
SG11201704602QA (en) Data security operations with expectations
EP3198782A4 (en) Securing sensor data
EP3095066A4 (en) Compartment-based data security
EP3189477A4 (en) Authentication system
EP3143551A4 (en) Wearable authentication
EP3196681A4 (en) Security film
EP3205051A4 (en) Mutual authentication
EP3180886A4 (en) Physical unclonable function
EP3235163A4 (en) De-duplication of encrypted data
EP3152764A4 (en) Determining soft data
EP3201798A4 (en) Telemetry for data

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20170216

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: MCAFEE, LLC

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20180309

RIC1 Information provided on ipc code assigned before grant

Ipc: G06F 21/52 20130101AFI20180306BHEP

Ipc: G06F 21/56 20130101ALI20180306BHEP

Ipc: G06F 21/51 20130101ALI20180306BHEP

RIN1 Information on inventor provided before grant (corrected)

Inventor name: KAPOOR, ADITYA

Inventor name: GUTIERREZ, ESTEBAN

Inventor name: WOODRUFF, ANDREW

Inventor name: SMITH, NED

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20180828